package com.ryzx.security.config;

import com.ryzx.security.filter.TokenAuthenticationFilter;
import com.ryzx.security.filter.TokenLoginFilter;
import com.ryzx.security.handle.DefaultPasswordEncoder;
import com.ryzx.security.handle.TokenLogoutHandler;
import com.ryzx.security.handle.UnauthorizedEntryPoint;
import jakarta.annotation.Resource;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
@RequiredArgsConstructor
public class SecurityConfiguration {
    @Resource
    UserDetailsService userDetailsService;
    @Resource
    DefaultPasswordEncoder defaultPasswordEncoder;


    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }
    @Bean
    public WebSecurityCustomizer webSecurityCustomizer() {
        return (web) -> web.ignoring().requestMatchers("/user/**");
    }
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http,
                                           TokenLoginFilter tokenLoginFilter,
                                           TokenAuthenticationFilter tokenAuthenticationFilter) throws Exception {
        AuthenticationManagerBuilder authenticationManagerBuilder=http.getSharedObject(AuthenticationManagerBuilder.class);
        authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(defaultPasswordEncoder);

        http.authorizeHttpRequests((authz) ->authz.anyRequest().authenticated());
        http.exceptionHandling((authz) ->authz.authenticationEntryPoint(new UnauthorizedEntryPoint()));
        http.csrf(AbstractHttpConfigurer::disable);
        http.logout((authz) ->authz.logoutUrl("/logout").addLogoutHandler(new TokenLogoutHandler()));
        http.addFilterAt(tokenLoginFilter, UsernamePasswordAuthenticationFilter.class);
        http.addFilterAt(tokenAuthenticationFilter, BasicAuthenticationFilter.class);
        // 需要进行build()，返回SecurityFilterChain
        return http.build();
    }

    public static void main(String[] args) {
        BCryptPasswordEncoder bc=new BCryptPasswordEncoder();
        System.out.println(bc.encode("123"));
    }
}
